Cybergangs use cheap labor to break codes on social sites

Source: USA Today

SEATTLE — It's become the new front in cybercrime: scams and identity-theft programs that attack e-mail accounts and users of social-networking sites such as Facebook and MySpace.

To carry out many of these automated attacks, cybercriminals first must overcome "captchas," the distorted letters and characters that users of an e-mail or social-networking account are required to type to complete certain online forms. For years, captchas have helped to stop or bog down automated programs aimed at creating, among other things, e-mail accounts that promote scams such as fake computer virus protection and bogus accounts on social websites that can be used to collect personal information on legitimate users.

Now, security specialists say, a growing number of captcha-breaking groups are using real people to type in captcha responses for cybergangs around the world. This is allowing the gangs to create fake e-mail and social-network accounts by the tens of thousands — and use them as the starting point for a variety of cyberscams spread by e-mail and instant messages.

MySpace and Facebook say that, so far, they have kept such attacks largely in check. But security researchers say that as long as captchas are a key security feature on networking websites, cyberattacks on such sites are likely to intensify.

Read more: http://www.usatoday.com/tech/news/computersecurity/2009-04-22-captcha-code-breakers_N.htm?POE=click-refer

as "proof" of the existence of a person, or a certificate of their personal reliability is asking to be scammed.